Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38322e302f32342d3234203d3e20313336373837.roa
File: 3231322e33322e38322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: jgelDPQHsOKebyDVSgxt76u+mt1Nk9iQAEUYmGgAGJs=
Subject key identifier: CD:FF:AD:0A:84:3A:78:35:B5:FF:FC:88:2F:29:3A:C2:6B:AF:B6:67
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0C901CB203247AEFAD42245FA8E413341E1F6EFA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38322e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 16 Oct 2025 15:47:55 +0000
ROA not before: Thu 16 Oct 2025 15:42:55 +0000
ROA not after: Thu 15 Oct 2026 15:47:55 +0000
asID: 136787
IP address blocks: 212.32.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:90:1c:b2:03:24:7a:ef:ad:42:24:5f:a8:e4:13:34:1e:1f:6e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 16 15:42:55 2025 GMT
Not After : Oct 15 15:47:55 2026 GMT
Subject: CN=CDFFAD0A843A7835B5FFFC882F293AC26BAFB667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:a9:e6:84:2f:b3:d5:99:9d:0d:a0:d4:d7:
0d:d8:05:8b:b9:24:2f:35:4c:3e:47:f5:36:c6:c2:
2e:78:11:5e:e2:de:b7:ae:ff:58:f1:cf:01:5f:2c:
0a:46:89:55:7a:16:b0:d6:62:59:99:c6:16:f3:a6:
c8:75:83:6d:f2:8f:74:20:5e:bc:a1:d7:94:c4:09:
ea:15:e6:f4:61:8f:9f:fe:c5:b7:54:2d:e8:71:e5:
c0:f7:16:46:65:5d:79:d7:bb:10:8c:a3:93:ac:96:
84:2c:9c:a1:71:65:45:b5:3d:be:69:b4:8a:54:88:
36:c2:56:86:de:aa:50:c5:43:b6:ed:a8:44:d4:21:
f6:87:9c:07:56:04:84:8e:45:89:1d:06:3b:52:ee:
ad:2d:aa:e0:1e:46:6a:2a:ac:0c:57:7d:86:d0:cf:
ce:65:31:5d:43:c1:0c:85:09:23:9e:94:c9:44:a2:
17:fa:be:29:a9:05:59:88:f3:88:90:27:f9:e0:e2:
8b:e0:33:6c:af:80:cf:4f:d4:2f:42:4e:99:87:51:
40:d9:40:ca:7b:5c:20:82:03:9f:bf:19:b2:df:04:
de:fa:70:ef:87:fb:14:97:54:36:36:fb:6c:4d:34:
69:02:d9:6a:b2:ed:93:64:0e:81:c7:63:0c:f6:27:
9f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FF:AD:0A:84:3A:78:35:B5:FF:FC:88:2F:29:3A:C2:6B:AF:B6:67
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.82.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:f5:5b:ce:e3:d4:dc:a3:c7:10:ad:35:0c:95:28:59:82:27:
1f:5e:23:f0:28:30:65:81:73:13:11:da:4c:5b:69:d7:e5:5d:
2e:65:18:64:72:c9:fb:e7:52:91:c2:ce:c9:22:67:3a:57:33:
34:07:73:fd:b5:c8:d7:36:2d:55:f2:89:f3:10:82:14:98:5f:
1c:d0:47:18:d7:23:c0:43:25:2f:3e:d5:ea:6e:18:bf:dc:1f:
30:a9:33:d3:5b:95:08:24:38:c5:d0:5c:78:72:b9:c3:cf:c4:
88:79:ce:5d:b9:d4:c2:1e:56:91:94:72:06:46:05:c8:91:d7:
bc:8f:25:3c:47:6e:17:02:9e:29:7b:e8:f2:54:3b:09:34:be:
40:9b:fa:31:64:38:37:9c:46:e5:fe:14:c5:ff:d1:84:95:be:
30:5e:58:de:14:06:01:5d:45:04:de:0c:78:9b:c3:2c:cc:2d:
c0:b5:0f:ac:32:d2:83:da:52:f6:31:ea:e1:cd:29:01:48:4d:
6c:ca:a0:7b:6b:a5:15:93:94:9d:a8:39:27:58:17:c7:5a:de:
07:94:01:3f:be:9b:68:97:b9:03:60:fb:f9:8b:87:0e:54:92:
ab:3f:72:04:55:0b:d0:30:16:e4:86:83:de:e8:a6:17:26:35:
94:d9:0f:d5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDJAcsgMkeu+tQiRfqOQTNB4fbvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMTYxNTQyNTVaFw0yNjEwMTUxNTQ3NTVaMDMxMTAvBgNV
BAMTKENERkZBRDBBODQzQTc4MzVCNUZGRkM4ODJGMjkzQUMyNkJBRkI2NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1wanmhC+z1ZmdDaDU1w3YBYu5
JC81TD5H9TbGwi54EV7i3reu/1jxzwFfLApGiVV6FrDWYlmZxhbzpsh1g23yj3Qg
Xryh15TECeoV5vRhj5/+xbdULehx5cD3FkZlXXnXuxCMo5OsloQsnKFxZUW1Pb5p
tIpUiDbCVobeqlDFQ7btqETUIfaHnAdWBISORYkdBjtS7q0tquAeRmoqrAxXfYbQ
z85lMV1DwQyFCSOelMlEohf6vimpBVmI84iQJ/ng4ovgM2yvgM9P1C9CTpmHUUDZ
QMp7XCCCA5+/GbLfBN76cO+H+xSXVDY2+2xNNGkC2Wqy7ZNkDoHHYwz2J5+nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzf+tCoQ6eDW1//yILyk6wmuvtmcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzODMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBSMA0GCSqGSIb3DQEBCwUAA4IBAQAc9VvO49Tco8cQrTUMlShZgicfXiPwKDBl
gXMTEdpMW2nX5V0uZRhkcsn751KRws7JImc6VzM0B3P9tcjXNi1V8onzEIIUmF8c
0EcY1yPAQyUvPtXqbhi/3B8wqTPTW5UIJDjF0Fx4crnDz8SIec5dudTCHlaRlHIG
RgXIkde8jyU8R24XAp4pe+jyVDsJNL5Am/oxZDg3nEbl/hTF/9GElb4wXljeFAYB
XUUE3gx4m8MszC3AtQ+sMtKD2lL2MerhzSkBSE1syqB7a6UVk5SdqDknWBfHWt4H
lAE/vptol7kDYPv5i4cOVJKrP3IEVQvQMBbkhoPe6KYXJjWU2Q/V
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:50:59 2025 by rpki-client